Internet Security

Privacy complaints received by tech giants’ favorite EU watchdog up more than 2x since GDPR

A report by the lead data watchdog for a large number of tech giants operating in Europe shows a significant increase in privacy complaints and data breach notifications since the region’s updated privacy framework came into force last May. The Irish Data Protection Commission (DPC)’s annual report, published today, covers the period May 25, aka…


A report by the lead data watchdog for a large number of tech giants operating in Europe shows a significant increase in privacy complaints and data breach notifications since the region’s updated privacy framework came into force last May.

The Irish Data Protection Commission (DPC)’s annual report, published today, covers the period May 25, aka the day the EU’s General Data Protection Regulation (GDPR) came into force, to December 31 2018 and shows the DPC received more than double the amount of complaints post-GDPR vs the first portion of 2018 prior to the new regime coming in: With 2,864 and 1,249 complaints received respectively.

That makes a total of 4,113 complaints for full year 2018 (vs just 2,642 for 2017). Which is a year on year increase of 36 per cent.

But the increase pre- and post-GDPR is even greater — 56 per cent — suggesting the regulation is working as intended by building momentum and support for individuals to exercise their fundamental rights.

“The phenomenon that is the [GDPR] has demonstrated one thing above all else: people’s interest in and appetite for understanding and controlling use of their personal data is anything but a reflection of apathy and fatalism,” writes Helen Dixon,Ireland’s commissioner for data protection.

She adds that the rise in the number of complaints and queries to DPAs across the EU since May 25 demonstrates “a new level of mobilisation to action on the part of individuals to tackle what they see as misuse or failure to adequately explain what is being done with their data”.

While Europe has had online privacy rules since 1995 a weak regime of enforcement essentially allowed them to be ignored for decades — and Internet companies to grab and exploit web users’ data without full regard and respect for European’s privacy rights.

But regulators hit the reset button last year. And Ireland’s data watchdog is an especially interesting agency to watch if you’re interested in assessing how GDPR is working, given how many tech giants have chosen to place their international data flows under the Irish DPC’s supervision.

More cross-border complaints

“The role places an important duty on the DPC to safeguard the data protection rights of hundreds of millions of individuals across the EU, a duty that the GDPR requires the DPC to fulfil in cooperation with other supervisory authorities,” the DPC writes in the report, discussing its role of supervisory authority for multiple tech multinationals and acknowledging both a “greatly expanded role under the GDPR” and a “significantly increased workload”.

A breakdown of GDPR vs Data Protection Act 1998 complaint types over the report period suggests complaints targeted at multinational entities have leapt up under the new DP regime.

For some complaint types the old rules resulted in just 2 per cent of complaints being targeted at multinationals vs close to a quarter (22 per cent) in the same categories under GDPR.

It’s the most marked difference between the old rules and the new — underlining the DPC’s expanded workload in acting as a hub (and often lead supervisory agency) for cross-border complaints under GDPR’s one-stop shop mechanism.

The category with the largest proportions of complaints under GDPR over the report period was access rights (30%) — with the DPC receiving a full 582 complaints related to people feeling they’re not getting their due data. Access rights was also most complained about under the prior data rules over this period.

Other prominent complaint types continue to be unfair processing of data (285 GDPR complaints vs 178 under the DPA); disclosure (217 vs 138); and electronic direct marketing (111 vs 36).

EU policymakers’ intent with GDPR is to redress the imbalance of weakly enforced rights — including by creating new opportunities for enforcement via a regime of supersized fines. (GDPR allows for penalties as high as up to 4 per cent of annual turnover, and in January the French data watchdog slapped Google with a $57M GDPR penalty related to transparency and consent — albeit still far off that theoretical maximum.)

Importantly, the regulation also introduced a collective redress option which has been adopted by some EU Member States.

This allows for third party organizations such as consumer rights groups to lodge data protection complaints on individuals’ behalf. The provision has led to a number of strategic complaints being filed by organized experts since last May (including in the case of the aforementioned Google fine) — spinning up momentum for collective consumer action to counter rights erosion. Again that’s important in a complex area that remains difficult for consumers to navigate without expert help.

For upheld complaints the GDPR ‘nuclear option’ is not fines though; it’s the ability for data protection agencies to order data controllers to stop processing data.

That remains the most significant tool in the regulatory toolbox. And depending on the outcome of various ongoing strategic GDPR complaints it could prove hugely significant in reshaping what data experts believe are systematic privacy incursions by adtech platform giants.

And while well-resourced tech giants may be able to factor in even very meaty financial penalties, as just a cost of doing a very lucrative business, data-focused business models could be far more precarious if processors can suddenly be slapped with an order to limit or even cease processing data. (As indeed Facebook’s business just has in German

Read More

Be the first to write a comment.

Leave a Reply

Internet Security

US probe into Binance reportedly expands to investigate insider trading

Binance is apparently facing more pressure from regulators over possible abuses at its cryptocurrency exchange. Bloombergsources said US officials have expanded their probe of Binance to include possible insider trading and market manipulation. The company hasn’t been accused of wrongdoing, but Commodity Futures Trading Commission investigators have reportedly inquired with potential witnesses about issues like…

Binance is apparently facing more pressure from regulators over possible abuses at its cryptocurrency exchange. Bloombergsources said US officials have expanded their probe of Binance to include possible insider trading and market manipulation. The company hasn’t been accused of wrongdoing, but Commodity Futures Trading Commission investigators have reportedly inquired with potential witnesses about issues like the location of Binance servers (and thus whether the US can pursue any cases).The commission had previously launched an investigation into the sales of derivatives tied to cryptocurrencies. It’s reportedly looking for internal Binance data that might show sales of those derivatives to American customers, breaking regulations that forbid those sales without registrations. The Internal Revenue Service and Justice Department are also probing possible money laundering on the exchange.There are no guarantees of action. The CFTC and Justice Department have supposedly been investigating Binance for months, and any decisions might take a while longer.Not surprisingly, Binance said it was above-board. A spokesperson told Bloomberg the exchange had a “zero-tolerance” approach to insider trades as well as ethical codes and security guidelines to prevent those actions. The company added that it fires offenders at a bare minimum. The CFTC has declined to comment.The heightened scrutiny of Binance, if accurate, would come as part of a larger US crackdown on cryptocurrencies. Officials are concerned the lack of consumer protections (including regulation) might hurt customers who sign up for services expecting the same safeguards they have with conventional money. In this case, the focus is on accountability — insider trading could wreck valuable investments and erode trust in Binance and other crypto exchanges.
Read More

Continue Reading
Internet Security

How to Use Arbitrum Bridge to Transfer Tokens From the Ethereum Network to Arbitrum

Arbitrum was built by Off-chain Labs, which is considered a layer two solution for Ethereum dApps. Arbitrum bridge was designed to improve the limitations of the Ethereum network. It offers high-throughput and low-cost fees transactions along with maintaining high-security standards. The platform is backed up by a world-class team of researchers, engineers, and Ethereum enthusiasts.…

Arbitrum was built by Off-chain Labs, which is considered a layer two solution for Ethereum dApps. Arbitrum bridge was designed to improve the limitations of the Ethereum network. It offers high-throughput and low-cost fees transactions along with maintaining high-security standards. The platform is backed up by a world-class team of researchers, engineers, and Ethereum enthusiasts. […]
The post How to Use Arbitrum Bridge to Transfer Tokens From the Ethereum Network to Arbitrum appeared first on Altcoin Buzz.
Read More

Continue Reading
Internet Security

Cyber arms dealer exploits new Apple iPhone software vulnerability; affects most versions – researchers

A cyber surveillance company based in Israel has developed a tool than can break into Apple iPhones with a never-before-seen technique for at least six months, internet security watchdog group Citizen Lab said on Monday. The discovery is important because of the critical nature of the vulnerability, which affects all versions of Apple’s iOS, OSX,…

A cyber surveillance company based in Israel has developed a tool than can break into Apple iPhones with a never-before-seen technique for at least six months, internet security watchdog group Citizen Lab said on Monday. The discovery is important because of the critical nature of the vulnerability, which affects all versions of Apple’s iOS, OSX, […]
Read More

Continue Reading
Internet Security

Authorities To Imprison A Man From Ohio For Defrauding $30 Million In A Cryptocurrency Scam

An Ohio man will be getting 20 years in prison for carrying out a cryptocurrency scam. Michael Ackerman has pleaded guilty to the crime and might be spending a long time in prison. According to the US Justice Department, the man pleaded guilty to the multi-million dollar cryptocurrency scam last week. A Cryptocurrency Scam Worth…

An Ohio man will be getting 20 years in prison for carrying out a cryptocurrency scam. Michael Ackerman has pleaded guilty to the crime and might be spending a long time in prison. According to the US Justice Department, the man pleaded guilty to the multi-million dollar cryptocurrency scam last week. A Cryptocurrency Scam Worth Of Millions Michael Ackerman planned and executed a cryptocurrency scam in 2017. This scheme promised to pay investors 15% on their investments every month. Even though the benefits were too dubious and impossible, many investors rushed in to utilize the opportunity. The scam was called the “Q3 Trading Club,” a fund that used investor’s money to make the supposed profits to be shared as returns. On September 8, 2021, a US attorney, Audrey Strauss from the New York Southern District, announced that Ackerman had pleaded guilty to the charges. According to Strauss, the man agreed to have caused the victims to lose above $30 million in cryptocurrency assets. Related Reading | New To Bitcoin? Learn To Trade Crypto With The NewsBTC Trading Course In the announcement, the attorney stressed that Arkerman agreed to have used his fake crypto scheme to steal millions from investors with the promise of 15% monthly returns. In addition, Strauss also disclosed that Michael Ackerman used fake documents to deceive the investors. His balances showed more than $315 million in the fund. But the reality was just a little above $5 million from the DoJ’s discoveries. The attorney also revealed that Ackerman stole investors’ money amounting to $9 million just to continue his lavish lifestyle. The man spent a lot of money on vehicles, real estate, personal security, traveling, and jewelry. Michael Ackerman Agrees To Pay The announcement also stated that Michael Ackerman has pleaded guilty to wire fraud. He agreed to pay back $30 million and forfeit at least $36 million in real estate, jewelry, cash which he acquired fraudulently. As for now, the sentencing will take place on January 5th, 2022. The first charges came from the SEC in 2020. The crime was the violation of securities laws by Michael Ackerman. Related Reading | Bitfinex To Roll Out Security Token Offerings (STOs) Platform In Kazakhstan The reports then showed that he used a private group that he created on Facebook to target physicians. The group was called “Physicians Dad’s Group,” and the SEC discovered his fraudulent intent. Michael Ackerman has never worked as an institutional broker in the New York Stock Exchange. Instead, he was operating as one of three scammers, including James, a Wells Fargo financial advisor, and another member, a surgeon called Quan Tran. In 2020 April, the victims of the incident sued Fargo for not investigating its employee. Featured Image From Pixabay
Read More

Continue Reading